diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index d4f37e2..a1bd430 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -34,8 +34,15 @@ jobs:
             target
           key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
 
+
+      - name: configure GPG key
+        if: (github.ref == 'refs/heads/master' || github.event_name == 'push') && github.repository == 'realaravinth/librepages'
+        run: echo -n "$RELEASE_BOT_GPG_SIGNING_KEY" | gpg --batch --import --pinentry-mode loopback
+        env:
+          RELEASE_BOT_GPG_SIGNING_KEY: ${{ secrets.RELEASE_BOT_GPG_SIGNING_KEY }}
+
       - name: Login to DockerHub
-        if: (github.ref == 'refs/heads/master' || github.event_name == 'push') && github.repository == 'realaravinth/pages'
+        if: (github.ref == 'refs/heads/master' || github.event_name == 'push') && github.repository == 'realaravinth/librepages'
         uses: docker/login-action@v1
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
@@ -57,6 +64,13 @@ jobs:
       - name: build and publish docker images
         run: make docker-publish
 
+      - name: publish bins
+        if: (github.ref == 'refs/heads/master' || github.event_name == 'push') && github.repository == 'realaravinth/librepages'
+        run: ./scripts/publish.sh publish master latest $DUMBSERVE_PASSWORD
+        env:
+          DUMBSERVE_PASSWORD: ${{ secrets.DUMBSERVE_PASSWORD }}
+          GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }}
+
       - name: generate documentation
         if: matrix.version == 'stable' && (github.repository == 'realaravinth/pages')
         run: make doc
@@ -64,7 +78,7 @@ jobs:
           GIT_HASH: 8e77345f1597e40c2e266cb4e6dee74888918a61 # dummy value
 
       - name: Deploy to GitHub Pages
-        if: matrix.version == 'stable' && (github.repository == 'realaravinth/pages')
+        if: matrix.version == 'stable' && (github.repository == 'realaravinth/librepages')
         uses: JamesIves/github-pages-deploy-action@3.7.1
         with:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/scripts/bin-publish.sh b/scripts/bin-publish.sh
new file mode 100755
index 0000000..51e60dd
--- /dev/null
+++ b/scripts/bin-publish.sh
@@ -0,0 +1,119 @@
+#!/bin/bash
+# Copyright (C) 2022  Aravinth Manivannan <realaravinth@batsense.net>
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+# publish.sh: grab bin from docker container, pack, sign and upload
+# $2: binary version
+# $3: Docker img tag
+# $4: dumbserve username
+# $5: dumbserve password
+
+set -xEeuo  pipefail
+
+DUMBSERVE_USERNAME=librepages
+DUMBSERVE_PASSWORD=$5
+DUMBSERVE_HOST="https://$DUMBSERVE_USERNAME:$DUMBSERVE_PASSWORD@dl.librepages.org"
+
+NAME=librebages
+KEY=7981CA5AE57350D9F9BF5F6456CB9AF170E4A02F
+
+TMP_DIR=$(mktemp -d)
+FILENAME="$NAME-$2-linux-amd64"
+TARBALL=$FILENAME.tar.gz
+TARGET_DIR="$TMP_DIR/$FILENAME/"
+mkdir -p $TARGET_DIR
+DOCKER_IMG="realaravinth/$NAME:$3"
+
+
+get_bin(){
+	echo "[*] Grabbing binary"
+	container_id=$(docker create $DOCKER_IMG)
+	docker cp $container_id:/usr/local/bin/$NAME $TARGET_DIR/
+	docker rm -v $container_id
+}
+
+copy() {
+	echo "[*] Copying dist assets"
+	cp README.md  $TARGET_DIR
+	cp LICENSE.md $TARGET_DIR
+
+	mkdir $TARGET_DIR/docs
+	cp docs/CONFIGURATION.md $TARGET_DIR/docs
+	cp -r docs/installation/ $TARGET_DIR/docs
+
+	get_bin
+}
+
+pack() {
+	echo "[*] Creating dist tarball"
+	pushd $TMP_DIR
+	tar -cvzf $TARBALL $FILENAME
+	popd
+}
+
+checksum() {
+	echo "[*] Generating dist tarball checksum"
+	pushd $TMP_DIR
+	sha256sum $TARBALL > $TARBALL.sha256
+	popd
+}
+
+sign() {
+	echo "[*] Signing dist tarball checksum"
+	pushd $TMP_DIR
+	export GPG_TTY=$(tty)
+	gpg --verbose \
+		--pinentry-mode loopback \
+		--batch --yes \
+		--passphrase $GPG_PASSWORD \
+		--local-user $KEY \
+		--output $TARBALL.asc \
+		--sign --detach \
+		--armor $TARBALL
+	popd
+}
+
+delete_dir() {
+	curl --location --request DELETE "$DUMBSERVE_HOST/api/v1/files/delete" \
+		--header 'Content-Type: application/json' \
+		--data-raw "{
+			\"path\": \"$1\"
+		}"
+}
+
+upload_dist() {
+	upload_dist="librepages/$1"
+	delete_dir $upload_dist
+
+	pushd $TMP_DIR
+	for file in $TARBALL $TARBALL.asc $TARBALL.sha256
+	do
+		curl -v \
+			-F upload=@$file  \
+			"$DUMBSERVE_HOST/api/v1/files/upload?path=$upload_dist/"
+	done
+	popd
+}
+
+
+publish() {
+	copy
+	pack
+	checksum
+	sign
+	upload_dist $2
+}
+
+$1 $@